May 5, 2022
A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and “used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses.”
The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an
The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an
Article posted by: https://thehackernews.com/2022/05/critical-rce-bug-reported-in-dotcms.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com
